- Fetch Softworks
- Bare Bones Software
- VMware
- Readers Like You!
- Mark/Space, Inc.
- Web Crossing
- Microsoft
Most Popular Articles
- How to Protect Yourself from the New Mac OS X Trojans (25 Jun 2008)
- iPhone 3G GPS Details, Power Adapter, and Industrial Design (10 Jun 2008)
- No, David Pogue, Ebook Piracy is Not a Given (05 Jun 2008)
- Firefox 3 Bounds Forward (22 Jun 2008)
Recent TidBITS Talk Discussions
- The Hole in My Backup Plan (13 messages)
- New Mac threats? (1 message)
- Current iPhones Keep Cheaper Plan on Reactivation (2 messages)
- Making AppleCare Worthwhile: MacBook Pro Battery Replacement (22 messages)
Shopping for a new digital camera? In "Take Control of Buying a Digital Camera," pro photographer Larry Chen helps you pick out the right camera and accessories for your needs and budget. This book is loaded with tips on using your camera, pointers to the best review sites, and more!
Related Articles
- Web Companion 5.0v4 Plugs FileMaker Holes (15 May 00)
- FileMaker Developer 5 Ships (24 Apr 00)
Other articles in the series FileMaker 5
- Web Companion 5.0v4 Plugs FileMaker Holes (15 May 00)
- FileMaker Pro 5 Released to Controversy (27 Sep 99)
- Brought to You by the Letter T (04 Oct 99)
- FileMaker Pro 5 Unlimited Ships (17 Jan 00)
- FileMaker 5.0v3 Update Available (27 Mar 00)
- FileMaker Developer 5 Ships (24 Apr 00)
Published in TidBITS 529. Subscribe today to receive TidBITS in email every Monday.
- Government Recommends Microsoft Breakup
- Apple Offers Free iMovie Download
- Handspring Releases Palm Desktop 2.6
- AOL 5.0
- Virtual PC 3.0.3 Update Released
- Dartmouth Spins Off Software
- Poll Preview: Collateral Spammage
- Modifying the Macintosh Startup Sequence
- Email Spam: The Bandwagon Plays On, Part 2
| FileMaker 5 Internet Security Holes
by Geoff Duncan 
FileMaker 5 Internet Security Holes -- Blue World Communications has published a FileMaker 5 security alert outlining serious Internet security issues with FileMaker Pro 5 and FileMaker Pro 5 Unlimited's XML publishing and email capabilities. Two exploits enable an interloper to acquire the entire contents of any Web-published database via email or as XML regardless of Web security settings; another enables anyone on the Internet to use FileMaker 5's email capabilities to send arbitrary email messages (a problem sure to delight spammers worldwide). These revelations come a week after FileMaker Inc. published documentation of FileMaker Pro 5's Web publishing capabilities in FileMaker Developer 5, although portions of FileMaker's XML capabilities have been documented on FileMaker's Web site for five weeks. As of this writing, FileMaker has not acknowledged any problems, and the only workarounds currently appear to be disabling FileMaker 5's Web Companion, reverting to FileMaker Pro 4.x (which does not have these security issues, but cannot open FileMaker 5 databases), or using a middleware product like Blue World's Lasso as a gateway for incoming requests. [GD]
<http://www.blueworld.com/blueworld/news/ 05.01.00-FM5_Security.html>
<http://db.tidbits.com/article/05904>
MARK/SPACE, INC: Take it with you! The Missing Sync makesit easy to synchronize contacts, calendars, notes, photos
and more from your Mac to your BlackBerry, Palm OS, or
Windows Mobile phone. <http://www.markspace.com/bits>